ICO Fines Capita £14m for Data Breach
The Information Commissioner's Office (ICO) has issued a fine of £14m to Capita for failing to ensure the security of personal data related to a breach in 2023.
The breach, which occurred in March 2023, saw hackers steal millions of people's information, and the ICO's investigation found key security failings, including delays in responding to the breach, failures around privilege setting, and insufficient penetration testing.
- Capita plc was fined £8m
- Capita Pension Solutions Limited was fined £6m
The £14m fine is significantly less than the £45m initially threatened, and comes after Capita submitted mitigation, including improvements made internally since the breach.
Author's summary: ICO fines Capita £14m for 2023 data breach.